Index

Numbers and Symbols ActiveRecord::Base, inheriting from, 110 ActiveRecord::RecordNotFound exception, 404.html file, 24 32, 41 422.html file, 24 ActiveSupport::Cache::FileStore cache 500.html file, 24 store, 186 && (and) operator, 9–10 ActiveSupport::Cache::MemoryStore cache @, for instance variables, 15 store, 186 \ (backslash), for special characters, 6 ActiveSupport::TestCase module, 143 : (colon), for symbols, 7 Ada, 3 { } (curly braces) add command (Git), 77 for blocks, 13 alert class, 131 for hashes, 8 alert-danger class, 132 :: (double-colon) operator, 91 alert message, 132 " (double-quotes), for strings, 6 alert-success class, 132 == (equal) operator, 9 all method, 32 ! (exclamation mark), at end of Amazon Elastic Compute Cloud method name, 7 (Amazon EC2), 224 => (hash rocket), 8–9 Amazon Web Services (AWS), 224–225 > (greater than) operator, 9 ancestors class method, 95–96 < (less than) operator, 9 and (&&) operator, 9–10 and inheritance, 17 anonymous users, restricting page access, << operator, 8 125, 136 <=> operator, 92 Apache <%= %> tag, 58 disabling default site, 237 <% %> tag, 58–59 installing, 226–228 <%# %> tag, for comments, 59 API controllers, 212–213 % (modulus) operator, 5 api module, 219 != (not equal) operator, 9 API requests || (or) operator, 9–10 adding route for, 211 ||= (conditional assignment) operator, 10 authentication credentials for, 209 + operator, to add arrays, 8 APIs (application programming ? 
(question mark), at end of interfaces), 51 method name, 7 creating, 211–222 [ ] (square brackets), for array, 7–8 token-based authentication, 216–222 _ (underscore), in partial names, 67 api_token string, 216 | (vertical pipe), 13 app/assets directory, 65, 177 application.css file, 65, 124, 176–177 A application.js file, 66, 124 javascripts directory, 176 Accessor class, defining, 101 stylesheets directory, 176 Active Record, 30, 106–121 app/controllers directory cache_key method, 187 api/posts_controller.rb file, 212, 257 calculations, 35 api/text_posts_controller.rb file, 219 query conditions, 34–35 application_controller.rb file, 135, relation, 32 171, 218 app/controllers directory (continued) sessions/new.html.erb file, for login comments_controller.rb file, 248, form, 133–134 253–254 text_posts/edit.html.erb file, 165 destroy action in, 244 text_posts/_form.html.erb file, 158 image_post_controller.rb file, 165, text_posts/_text_post.html.erb file, 126, 250–251 165, 248, 255 ImagePostsController methods, 252 comment count in, 187–188 posts_controller.rb file, 48, 125, 256 TextPost partial, 249 index action, 184 users/new.html.erb file, 130–131 logger statement, 198 users/show.html.erb file, 155, 156 PostsController, 253 apt-get system, for software install, sessions_controller.rb file, 256 225–226 text_posts_controller.rb file, 158, 159, arrays, 7–8 164–165 for all keys in hash, 9 users_controller.rb file, 129, 156, 250 returning first and last entries in, 32 app/helpers directory, 61 ASC order, for retrieving posts, 34 application_helper.rb file, 61 as_json method, 213–214 posts_helper.rb module, 61 assertions, 146 –147 application, view for, 22 controller test, 150–152 ApplicationController class, 136–137 in testing, 143 authentication method in, 218 asset pipeline, 65, 176–179 ApplicationHelper module, 61, 90 asset precompilation, 178–179 application programming interface. 
debug mode, 177–178 See API (application manifests, 176–177 programming interface) viewing search path list, 177 application.rb file, 24 assets, in Rails application, 65 application server, for , assets:clobber task, 178 226–227 assets directory, 23, 24 app/models directory assigns hash, 150 comment.rb file, 189 associations, 39–42 adding validation, 241 adding, 40 ext_post.rb file, checking for body text, belongs_to methods, 41–42 118–119 defining, 113 image_post.rb file, 118 generating model, 39 post.rb file, 29 has_many methods, 40–41 subscription.rb file, 113 has_many :through, 109–110 user.rb file, 114, 129, 143 many-to-many, 107–110 has_many association, 119 polymorphic, 111–112 app/views directory, 58 self join, 106–107 comments/_comment.html.erb file, 248, specifying in advance, 183 253, 255 testing, 115–116 image_posts/edit.html.erb file, 165 touch option, 189 image_posts/_form.html.erb file, 251 attr_accessor method, 16, 90, 100–101 image_posts/_image_post.html.erb file, attributes of object, displaying, 198 126, 188, 192, 248 authenticated user, for ImagePost partial, 249 TextPostsController, 158 image_posts/new.html.erb file, 251 authenticate_or_request_with_http_token layouts/application.html.erb file, 64, method, 218 136, 171, 196, 250, 258 authenticate_user! method, 136, 250 updating, 243 authenticating over SSH (secure shell), 81 link_posts/_link_post.html.erb file, 256 authentication, 123–140 posts/index.html.erb file, 58, 62, 125, 159 vs. authorization, 163–164 will_paginate call, 184 of current user, 125 posts/show.html.erb file, 58, 68, 127 with GitHub API, 209–211

260 Index log in, 132–135 Bundler tool, 25 of requests, 218–219 flags in, 82 token-based, 216–222 business logic, 22 of user, 136–137 byebug gem, 199 authenticity_token token, 171 authorization attacks, 163–165 author migration, 37 C average method, 35 cached_comment_count method, 188 AWS (Amazon Web Services), 224–225 cache_key method, 187, 189, 190 cache keys, 187, 255 cache store, 185 B Rails support of, 186 backslash (\), for special characters, 6 caching, 185–192 BasicObject class, 96 enabling, 186 bcrypt gem, 128, 249 fragment, 189–191 BCrypt::Password.create method, 144 issues, 191–192 before_action :authenticate_token! low-level, 187–189 method, 219 calc method, 93 before_action :authenticate_user! callbacks, eliminating, 147–148 method, 248 canceling current operation, 4 before_action method (Rails), 48, 136 cannot_feature! method, 245 belongs_to association, 106, 107, 111–112, Capfile, 232 113, 247 Capistrano, 178, 230–237 belongs_to methods, 41–42 configuration, 232–233 belongs_to statement, 40 database setup, 233–234 between? 
method, 92 deployment, 235 bin directory, 20, 23 secrets setup, 234 bundle install command, 124, 128, 199 setup, 231–232 cap production deploy command, 258 virtual host, 236–237 rails console command, 247, 249 capistrano-rails gem, 231 rails generate command, 153 Cascading Style Sheets (CSS) rails server command, 57 asset pipeline and, 176 rake db:migrate command, 129, 216 including in application, 124 rake log:clear command, 197 lists of application use, 65 rake routes command, 211 case rake test command, 142 for constants, 10 rake test:models command, 149 for variables, 11 --binstubs option, for bundler, 231 cd command, 20 block of code, 13 centralized version control systems, 76 blog posts, adding comments, 39 change_column method, 37 body element (HTML), 64 change method, 36 Booleans, 9–10 changes, pushing or pulling, 76 Bootstrap, 124 checkout command (Git), 79, 80 form-group class, 131 child model, 106 panel component, 126 classes, 15–18 styles for links, 157 adding new methods, 16 bootstrap_sass gem, 124 ancestors, 95–96 branch command (Git), 79 assigning method calls to another, 94 branching, 11 creating instance of, 16 BrightBox, 225 as instance of other class, 96–97 build-essential package, 229 methods, 96 build tools, installing, 229 class_eval method, 100–102 bundle command, 25–26, 82, 229 class methods, 17 bundle install command, 20, 235 class statement, 15

Index 261 client error, 4xx status codes for, 208 convention over configuration, 21 cloud application platform. See Heroku cookies, 52 cloud application platform secret key for, 234 code cookies hash, 150 block, 13 count method, 35 executing inside debugger, 203 create action, 44 optimization, 180–185 controller test for, 151 CoffeeScript, 176, 180 POST request for, 151 :collection option, 67–68 create command, in Heroku, 83 collections, 67–68 create comment action, controller for, 54 colon (:), for symbols, 7 created_at field, 28 columns in database, adding, 37 create_join_table method, 109 combining strings, 6 create method, 31, 53 comment model, 120, 247 for login form, 134 comment_params method, 55, 242 in SessionsController, 181–182 comments createuser command, for PostgreSQL, 228 adding, 54–55 cross-site request forgery (CSRF), 64, adding to blog posts, 39 170 –171 belongs_to methods, 41–42 token, 221 form, 72–73 cross-site scripting (XSS), 167–169 has_many methods, 40–41 CRUD functions, 31, 44 show page for, 254 CSRF (cross-site request forgery), 64, showing, 68–69 170 –171 CommentsController#create method, 72 token, 221 commit command (Git), 77–78 csrf_meta_tags method, 66–67 commit message, 77 csrf-token meta tag, 66 Comparable module, 92 CSS. 
See Cascading Style Sheets (CSS) Concurrent Version System (CVS), 76 Curl, 208–209, 220–221, 257 conditional assignment (||= ) operator, 10 to check index action output, 215 conditional statements, 11–12 testing API, 212 for Edit button, 191–192 for testing token-based config.action_controller.perform_caching authentication, 209 setting, 186 curly braces ({ }) config.assets.debug setting, 178 for blocks, 13 config directory, 23 for hashes, 8 deploy/production.rb file, 233 current user deploy.rb file, 232–233 authentication, 125 environments/development.rb file, 178, identifying, 135–136 186, 192 using, 137–139 routes.rb file, 45, 46, 156, 171 current_user method, 135–136, 219 logout route, 254 output of, 196 secrets.yml file, 234 custom routes, 46 console command, 26 CVS (Concurrent Version System), 76 constants, 10 continue command (debugger), 203 control flow, 11–13, 58–59 D controllers, 23, 43–56 data, testing, 39 actions, 48–54 database API, 212–213 adding columns, 37 helpers for, 47–48 adding records, 31 parameters, 49–50 CRUD functions, 31, 44 response formats, 51–52 current state, 36 testing, 150–152 HTTP verbs for actions, 44 controls on forms, helper methods for, retrieving posts from, 48 69–70

262 Index database migrations, 24, 28, 35–37 directory and application deployment, 83 creating for Ruby on Rails, 227–228 for creating table, 113 for Rails project, 20 preventing creation of, 118 display command (debugger), 202–203 updating db/schema.rb with, 142 distributed version control system, 76 database queries, reducing, 180–183 div element, class="container", 124 database.yml file, 24 division, math operation, 5 data model, 106 doctype (HTML5), 64 advanced, 106–112 documentation for social networking service, 112 for Bootstrap, 124 data types, 5–11 from gems, 229 arrays, 7–8 document root, for Virtual Host, 236 Booleans, 9–10 do, end pair, for adding block, 45 hashes, 8–9 Don’t Repeat Yourself (DRY), 22 numbers, 5 do statement, 13 strings, 6–7 double-colon (::) operator, 91 symbols, 7 double-quotes ("), for strings, 6 dbconsole command, 26 DRY (Don’t Repeat Yourself), 22 db directory, 24 duck typing, 98–99 migrate directory, 35 duplication, eliminating, 147–148 schema.rb file, 36 db:rollback statement, 36 E debugger method, 200, 256 debugging, 195–204 each method, 12–13, 58 commands, 200–204 eager loading, 183 Rails logger for, 197–199 edit action, 44, 49 debug helper, 196–197 Edit button, conditional statement for, :debug log level, 197 191–192 debug mode, 177–178 Eiffel, 3 def_delegators method, 95 Element class, instance methods of, 246 define_method method, 99–100 elements def statement, 14 adding to array end, 8 delegation, 94 of web pages, 64 delete method, 150 else statement, 11 DELETE request, 44, 46, 60 elsif statement, 11 delete_via_redirect method, 152 email address deleting records, 33–34 of current user, 125 dependent: :destroy option, 117 storing, 128 deploy:check task, 235 Embedded Ruby (ERB), 22, 57, 58–59 deployment, 75–85, 223–237 comments, 59 Capistrano, 230–237 Employee model, defining virtual private servers, 224–230 associations in, 107 DESC order, for retrieving posts, 34 empty? 
method, 6–7 destroy action, 44, 253 end statement, 13, 14, 90 destroy method, 33–34, 53–54, 247 environments directory, 23 for user_id, 134 equal (==) operator, 9 development environment, ERB (Embedded Ruby), 22, 57, 58–59 debug mode, 178 comments, 59 development.log file, 24 error_explanation div element, 70–71 development.rb file, 23 error messages diff command (Git), 78–79 code for displaying, 70–71 digital signature, 81 files for, 24 directives, in manifest files, 176 errors array, 39 direct manipulation, 30 errors method, 242

Index 263 /etc/apache2/sites-available directory, G 236–237 garbage collection, optimization, 175 eval command (debugger), 203 gem command, 25, 229 exclamation mark (!), at end of method name, 7 Gemfile adding debugger gem, 199 :exclusion validation, 38 updating for Heroku, 81–83 exit command, 4, 30 gems, 20, 258 extend statement, 94 bcrypt, 128 bootstrap_sass, 124 F byebug, 199 favcon.ico file, 25 capistrano-rails, 231 features, enabling and checking for, directories in asset pipeline 99–100 searches, 177 fetch method, 187 documentation from, 229 Fibonacci sequence, 93–94 installing, 229–230 Fielding, Roy, 43 jbuilder, 214–216 field_with_errors class, 71 updating installed, 124, 128, 199 file.open method, passing block to, 13 will_paginate, 184 file.read method, 18 generate_api_token method, 217 file.split method, 18 generate command, 26 find_by method, 219 get method, 150 find method, 32, 164 GET request, 44, 46, 60 first method, 32 and state change, 170 fixtures, 144 –146, 156 test issuing, 151 flags, in Bundler, 82 getter methods, 16 flash hash, 150 get_via_redirect method, 152 flash messages, 52 git add command, 77 displaying, 131–132 git branch command, 79 floating-point math, 5 git checkout command, 79, 80 flow between pages, testing, 152 git commit command, 77–78 follow action, safety from git diff command, 78–79 CSRF attacks, 171 git --help command, 78 following? method, 114 GitHub, 84 following! method, 115 account, 244 follow_redirect! 
method, 152 pushing code to, 234–235 foreign key, 106 GitHub API, 205, 206–207 in migration file, 108 authentication with, 209–211 for loop, 12–13 token generation, 209–210 form builder object, 71 git log command, 77 form_for method, 71, 72 git pull command, 80 forms, 69–72 git push command, 80, 83 for comments, 72–73 git remote add command, 80 form_tag, 134 git status command, 78, 79 Forwardable module, 94–95 Git version control system, 75 Fowler, Martin, Patterns of Enterprise basic usage, 77–80 Application Architecture, 30 branches, 79–80 fragment caching, 185, 189–191 getting started, 76–77 friendly_date helper method, 61 remotes, 80 full-stack web framework, 19 repository, creating, 234–235 functional tests, 150 setup, 76 staging area of, 77 greater than (>) operator, 9 greet method, 15–16

264 Index H image_post_params method, 250–251 image_tag helper, 126 Hansson, David Heinemeier, 19 img-responsive class (Bootstrap), 126 hashed version of password, 128 include statement, for methods, 91–92 hashes, 8–9 :inclusion validation, 38 for commit, 77 index action, 44, 48, 125, 212 iteration over, 13 index for array, 8 hash rocket (=>), 8–9 index page has_many association, 106, 107, 112, 116, 143 for post model, 125 has_many :leaders association, 137 for posts, 61–63 has_many method, 40 indices, creating for foreign keys, 109 has_many :through association, 109–110, 117 inheritance, 17–18 has_secure_password method, 128, 143 in Ruby, 91 head element (HTML), 64 single-table, 110–111 head method, 150 initialize statement, 15 help command, for debugger, 201 injection attacks, 165–169 --help command (Git), 78 insecure direct object reference, 164 helpers, 22, 59–61 inspect method, 198 adding methods, 61 installing for controllers, 47–48 Apache, 226–228 controller test, 150 build tools, 229 integration, 152 gems, 229–230 methods for form controls, 69–70 Heroku Toolbelt, xxi, 81 helpers directory, 23 PostgreSQL, 228–229 Heroku cloud application platform, 75, Rails, xxi–xxiii, 230 81–84 Ruby, xxi–xxiv, 225–226 deploying application, 83–84 instance, 224 Gemfile update for, 81–83 of class, creating, 16 heroku run command, 83 instance methods, 17 Heroku Toolbelt, installing, xxi, 81 instance_methods method, 96 hex method, 217 instance_of? method, 97 home page instance variables root route setting for application, 47 accessing, 16 timeline for, 137 assigning value to, 15 HTML, partials for shared code, 67–69 instantiating objects, 31 HTML5 field types, helper integer division, 5 methods for, 72 integration tests, 152–154 HTML page Interactive Ruby interpreter (IRB), 4 Rails layout for, 64 Internal Server Error code, 208 Ruby code and, 22 introspection, 97 HTTP, 207–209 IRB (Interactive Ruby interpreter), 4 status codes, 207–208 irb command, 4 HTTP verbs, 60 is_a? 
method, 97 for database actions, 44 is-a relationship, 17 :is validation, 38 I iteration, 12–13 identifiers, symbols as, 7 id field, 28 J retrieving record by, 32 JavaScript if statement, 11, 250 asset pipeline and, 176 ImagePost events, 180 editing, 165 including in application, 124 fixture files for, 145–146 list of files in use, 65 validation test, 149 javascript_include_tag method, 66

Index 265 JavaScript Object Notation (JSON), 22, margins, for page, 124 51, 207 master branch, 79 customizing output, 213–216 Math module, 91 messages, 205 math operations, in IRB, 5 jbuilder gem, 214–216 Matsumoto, Yukihiro, 3 join table, 113 maximum method, 35 creating, 109 :maximum validation, 38 for many_to_many association, 107–109 memcached server, 186 jq (JSON processor), 212–213 memoization, 92 JSON (JavaScript Object Notation), 22, Memoize module, calc method, 93 51, 207 Mercurial, 76 customizing output, 213–216 merge method, 9 messages, 205 metaprogramming, 89, 99–104 json.array! method, 215 method_missing method, 102–104 json.extract! method, 215 methods, 14–15, 96 include statement for, 91–92 K passing named parameters to, 9 migration files, rails generate command Kernel class, 96 to create empty, 108 keys method, 9 migrations, 35–37. See also database key-value pairs, 8 migrations minimum method, 35 L :minimum validation, 38 MiniTest framework, 141, 146 label helper, 71 mistakes. 
See debugging last method, 32 mixins, modules as, 91–95 layouts for views, 64–67 mkdir command, 20 leader_ids method, 137 models, 29–42 leaders method, 116 adding validations to, 118 length method, 6 relationship between two of same :length validation, 38 type, 106 less than (<) operator, 9 testing, 148–149 lib/assets directory, 177 model-view-controller (MVC), 22 lib directory, 24 module Api statement, 212 libpq-dev package, 229 module keyword, 90 limit method, 34 modules, 17–18, 89, 90–95 link_to helper, 59 as mixins, 91–95 Lisp, 3 as namespaces, 91 list command (debugger), 201–202 modulus (%) operator, 5 local variables, 202 MVC (model-view-controller), 22 log directory, 24 MySQL, 228 development.log file, 197 test.log file, 145 logger (Rails), 197–199 N log in, 132–135 N + 1 Queries, 182–183 custom routes for, 46 named parameters, passing to method, 9 implementing, 133–135 names logout, custom routes for, 46 for modules, 90 low-level caching, 185, 187–189 for partials, 67 for templates, 58 M namespaces, modules as, 91 namespace :api block, 211 mailers directory, 23 nano editor, 236 manifests, 65, 176–177 nested resources, 45 many-to-many associations, 107–110

266 Index network communications, Curl for, output to screen, 4 208–209 OWASP (Open Security new action, 44, 49 Project), 172 controller test for, 151 New Image Post form, button linking to, 251–252 P newlines, in strings, 6 Paas (Platform as a Service), 81 new method, 17 page rendering, speed of, 185 for login form, 134 paginate method, 184 new post form, 51 pagination, and optimization, 183–185 params from, 53 parameters, 49–50 from Rails scaffold generator, 69–70 for methods, 14–15 next command (debugger), 203 passing named, to method, 9 nil, 4 params, from new post form, 53 from [] method, 8 params hash, 49–50 from accessing nonexistent key, 8 :text_post key in, 160 for method definition, 14 parent model, 106 NoMethodError exception, 96, 98, 102 partials, 67–69 not equal (!=) operator, 9 password attribute, checking for, 143 “not” form, of assertions, 146 password_confirmation attribute, notice message, 132 checking for, 143 not operator, 12 password digest, 128 NOT operator, 100 passwords number helpers, 60–61 authentication, 181–182 numbers, 5 hashed version, 128 number_to_currency method, 60 patch method, 150 number_to_human method, 60 PATCH request, 44, 60 number_to_human_size method, 60 patch_via_redirect method, 152 number_to_percentage method, 61 path helpers, 47 Patterns of Enterprise Application Architecture (Fowler), 30 O PDF format, 51 Object class, 96 percentages, 61 object_id method, 7 performance. 
See also optimization objects caching and, 185–192 instantiating, 31 of Ruby on Rails, 175–192 state of, 15 Perl, 3 odd numbers, 5 Personal Package Archive (PPA), 225 offset method, 34 pg (PostgreSQL gem), 82 one-to-many relationships, 39 installing, 230 one-way hash, 128 , 226–227 open-source software, pipe character (|), 13 collaborating on, 84 plaintext files, reading in Ruby, 18 Open Web Application Security Project Platform as a Service (PaaS), 81 (OWASP), 172 pluralize helper method, 188 operation, canceling current, 4 polymorphic associations, 111–112 optimization @post, 72 asset pipeline, 176 –179 @post.comments.build, 72 built-in features, 176–180 post.comments.find method, 41 of code, 180–185 PostController, logger statement, 198 garbage collection, 175 post fixtures, 145–146 or (||) operator, 9–10 PostgreSQL, installing, 228–229 order clause, for timelines, 138 PostgreSQL database server, 82 order method, 34 PostgreSQL gem (pg), 82 output tag (<%= %>), 58 post_id field, 39

Index 267 Post index view, 127 question mark (?), at end of post method, 150 method name, 7 post model, 29–30, 117–119 quit command (IRB), 4 index and show pages for, 125 quotation marks, for strings, 6 post_params method, 50 post:references option, 39 POST request, 44, 46, 51 R adding repository with, 210–211 Rails, 19 posts architecture, 22–23 authorization to edit, 164 commands, 25–26 index page, 61–63 confirming install, 19 updating when comment is added, 189 installing, xxi–xxiii, 230 user’s ability to add, 157–161 principles, 21–22 PostsController, respond_to method, 211 scaffolding, 27–28 PostsHelper module, 61 testing in, 142–148 posts table, 30 rails_12factor gem, for Heroku, 82 adding string column to, 37 Rails application posts_url, 52 assets in, 65 post_via_redirect method, 152, 153 first, 20–21 PPA (Personal Package Archive), 225 modules in, 89 predicate method, 114 structure, 23–25 prepend statement, 92–94 Rails.application.config.assets.paths :presence validation, 38 setting, 177 presence validation, for email field, 129 Rails.cache.fetch method, 187, 188

 tags, for debug helper output, 196 rails command, 26 pretty-printing Rails console JSON data, 212–213 launching, 247 in Ruby, 245 starting, 30 printing Ruby code, 203 Rails counter cache, 189 print messages, by log levels, 198 Rails development environment, privileges, of users, 164 preparing, 142 production environment rails generate command, 28 asset precompilation, 178–179 Rails generator, 37 default log level, 197–198 for controller for comments, 54 production.rb file, 23 new post form from, 69–70 programmer, ERB comments for notes, 59 Rails logger, 197–199 prompt, 4 levels, 197–198 return to working, 4 rails new command, 26, 244 protect_from_forgery method, 171, 221–222 directory structure created by, 23 public/assets directory, 178 rails scaffold command, 245 public directory, 24 rails server command, 20, 72 public key, 81 rake command, 24, 27, 36 pull command (Git), 80 to precompile assets, 178 pulling changes to server, 76 rake db:migrate command, 83 push command (Git), 80, 83 random-number generator, 217 pushing changes to server, 76 read-eval-print loop (REPL), 4 push method, 95 read operation, 32–33 put method, 150 ready function (jQuery), 180 puts method, 4 records put_via_redirect method, 152 adding to database, 31 counting, 35 deleting, 33–34 Q updating, 33 Queries, N + 1, 182–183 red-green-refactor, 154 query_by_attribute method, 102–103 redirect? helper method, 152

268 Index redirection, vs. rendering view, 50–51 S redirect_to method, 51 refactoring code, 25 Sass, 176 reflection, 97 schema, 36 regular expressions, 103 schema_migrations database table, 36 remainder, 5 schema.rb file, 24 screen, output to, 4 remote add command (Git), 80 remote repository, making local copy, 79 secret key, for cookies, 234 SECRET_KEY_BASE environment variable, 236 remove_column method, 37 SecureRandom class, 217 rename_column method, 37 secure shell (SSH), authenticating render action method, 51 over, 81 render command for form partial, 158 security, 163 –173 partials and, 67 authorization attacks, 163–165 rendering view, vs. redirection, 50–51 cross-site request forgery (CSRF), repetition, avoiding, 22 170 –171 REPL (read-eval-print loop), 4 cross-site scripting (XSS), 167–169 repository, 75 injection attacks, 165–169 Representational State Transfer (REST), seeds.rb file, 24 43–44 self join associations, 106–107 server. See also virtual private servers require directive, 176 error status codes, 208 require_self directive, 66, 176 launching, 20 require_tree directive, 176, 177 session hash, 150 require_tree . statement, 66 resource route, 45 sessions, 132–133 set_post method, 48–49 resources :user sessions statement, 46 setter methods, 16 respond_to :json method, 219 setup method, 147, 149 respond_to method, 53, 211 short circuit operators, 10 respond_to? method, 98 show action, 44, 48, 125 respond_to_missing? 
method, 103–104 show method, 23 respond_with method, 212 REST (Representational State Transfer), show page 43–44 for comments, 254 restricted resources, 46 for post model, 125 for users, 154 return statement, 14 reverse of subscription, 116–117 sign-up form, adding, 130–131 robots.txt file, 25 sign-up page, adding route for, 129 root route, 47 sign-up process, for users, 128–132 route for sign-up page, 129 single inheritance, 17 routes.rb file, 24 single-table inheritance, 110–111 routing, 45–48 size method, 95 custom routes, 46 sleep method, 190 root route, 47 slice, in array, 8 Ruby, 3 Smalltalk, 3 installing, xxi–xxiv, 225–226 snake case, 11 interactive, 4 snapshot, by Git, 77 Ruby object model, 89, 95–97 social networking application, 112–120 Ruby on Rails, 19 comment model, 120 application server for, 226–227 data model for, 112 creating directory for, 227–228 post models, 117–119 performance, 175–192 user model, 112–117 resources on, 258 software install, apt-get system for, Ruby Toolbox, 258 225–226

Index 269 spaces between words, 6 controllers, 150–152 special characters, in strings, 6 data, 39 SQL helpers, 47 commands, 31 integration, 152–154 examining output, 181–182 models, 148–149 injection attack, 166–167 in Rails, 142–148 program optimization and, 180–183 using fixtures, 144 –146 SQLite database, 24 test log, 145 square brackets ([ ]), for array, 7 test.rb file, 23 SSH (secure shell), authenticating text field, helper for creating, 71–72 over, 81 text post stages in Capistrano, for application button for creating new, 159 deployment, 230 edit view for, 165 staging area, of Git, 77 update method for, 164–165 state of application, 22 TextPost status codes, HTTP, 207–208 creating posts of, 157–161 status command (Git), 78, 79 fixture files for, 145–146 step command (debugger), 203 validation test, 149 stepping into application, 199 TextPost partial strings, 6–7 conditional statement for Edit button, Strong Parameters, 50, 53, 55 191–192 stylesheet_link_tag method, 65–66 link to edit section, 165 submit helper, 72 text post partial, editing, 248 subscription, model to represent, 113 text_post_params method, 159, 220 subscriptions table, 114 therubyracer gem, 230 Subversion, 76 timeline, for home page, 137 sum method, 35 timeline_user_ids method, 137 symbols, 7 tmp directory, 25 token-based authentication, 209, 216–222 tokens T for current session, 66 tabs, in strings, 6 generating, 216–218 tasks directory, 24 for request authentication, 218–219 TDD (test-driven development), 25 Torvalds, Linus, 76 adding features with, 154–161 touch option, for associations, 189 teardown method, 147 touch tmp/restart.txt command, 233 templates, in ERB, 58 t.references :author statement, 108–109 test case, 143 Tumblr, 112 test directory, 25 turbolinks, 179–180 controllers/posts_controller_test.rb file, 152 controllers/text_posts_controller_test.rb U file, 157–158, 159 Ubuntu 14.04 LTS, 224 controllers/users_controller_test.rb file, Ubuntu Linux setup, 225–230 151, 154–155 
underscore (_), in partial names, 67 fixtures/posts.yml file, 145–146 undisplay command (debugger), 203 fixtures/users.yml file, 144 :uniqueness validation, 38 integration/user_flow_test.rb file, 153 uniqueness validation, for email field, 129 models/user_test.rb file, 142–143, 145 unique words, 18 test_helper.rb script, 25 unit tests, 148 test-driven development (TDD), 25 unless statement, 12 adding features with, 154–161 update action, 44 testing, 141–162 update method, 33, 51, 53 API with Curl, 212 for text posts, 164–165 associations, 115–116

270 Index updated_at field, 28 W updating records, 33 URL helpers, 47, 59–60 web APIs, 205–222 URLs web browser, JSON output on, 213 and mapping actions to verbs, 45 weblog, creating, 20 validation, 118 web pages elements, 64 User associations, 114 title of, 258 User.authenticate method, vulnerability to SQL injection, 166 WEBrick server, 20 web servers, 226–228 User class, creating instance of, 246 user fixtures, 144–145 where method, 32–33, 103 will_paginate gem, 184 user_id in session, storing, 132–133 user interface. See views --without production option, for user model bundler, 231 words, counting in file, 18 api_token string, 216 for social networking application, write_with_time method, 99 112–117 user:references option, 118 X users XML, 22, 51 action for creating new, 129–130 X-RateLimit-Limit, for GitHub API authentication of, 136–137 requests, 209 privileges of, 164 XSS (cross-site scripting), 167–169 sign-up process, 128–132

V Y YAML, 144, 196 validation, 38–39 dashes and dots for start and end, 197 adding to app/models/comment.rb yield statement, 67, 124 file, 241 adding to model, 118 valid? method, 39 Z valid user, 143 zero index, for array, 8 values method, 9 values of object, displaying, 198 var command (debugger), 202 variables, 10–11 examining values, 202 initiating only if nil, 10 var instance command, 202 VCS (version control system), 75 vendor/assets directory, 177 vendor directory, 25 version control system (VCS), 75 vertical pipe (|), 13 views, 22, 57–74 caching parts of, 189 layouts, 64–67 view templates, creating, 125 virtual host, 236–237 virtual private servers, 224–230 Amazon AWS setup, 224–225 Ubuntu Linux setup, 225–230
